TNW Sites

Tresorit opens its end-to-end encrypted file-sharing service to the public

Tresorit today officially launched its end-to-end encrypted cloud storage service after emerging from its stealth beta. The startup employs multiple layers of security that make its data extremely difficult to compromise.

One key advantage to Tresorit is that it doesn’t have a master key to your encryption, so, unlike what happened to secure email service Lavabit, it can’t be forced to provide access to your data. The startup is also based in Switzerland, which should help keep it out of reach of NSA court orders.

Tresorit uses AES-256 encryption on the client side before your data is uploaded. It also relies on a patented encryption method for sharing files with others. The service is available on PC, Mac, iOS and Android. A Windows Phone version is currently in closed beta, and a Linux client is in development.

It’s worth noting that NSA whistleblower Edward Snowden recently recommended the use of end-to-end encryption as an important method for avoiding widespread government surveillance.

In fact, the need for a service like Tresorit has become more apparent in light of the recently exposed Heartbleed bug in OpenSSL. While Tresorit used OpenSSL as part of its encryption methods, it wasn’t susceptible to attack because it had other security protocol in place.

Despite Tresorit’s confident claims that your data is secure, it’s also important to remember the adage that no system is unhackable. Tresorit’s head of marketing Szabolcs Nagy asserts that the company has simply made it difficult enough that would-be attackers will move on. To prove this, the company has challenged hackers to break its security.

Tresorit set up a dummy infrastructure with identical specs as its production servers and provided hackers with admin credentials to prove that even Tresorit employes can’t access user data.

In conjunction with the launch, Tresorit is upping the bounty for its hacking challenge from $25,000 to $50,000. Since the challenge began over a year ago, more than 1,000 hackers, including participants from MIT, Stanford, Harvard and Caltech, have tried unsuccessfully to break in.

Of course, one downside to having client-side encryption is that if you lose or forget your password, Tresorit can’t get you back into your account. For the privacy-minded, that could certainly be considered a feature, but Tresorit is working on methods to reset access without compromising the security of the system.

Tresorit raised $1.7 million in funding during its limited beta with over 100,000 users.

The free version of Tresorit offers up to 16GB of data, while premium Pro and Business plans provide 20GB of storage and additional features for $12.99 per month and $19.49 per month, respectively.

If you’re interested in giving Tresorit a whirl, you can head here for a free, limited 30-day trial of the service’s premium features.